IAEA Safety Standardsfor protecting people and the environment

General Safety GuideNo. GSG-12

Organization, Management and Staffing of the Regulatory Body for Safety

IAEA Safety Standards Series No. G

SG-12

IAEA SAFETY STANDARDS AND RELATED PUBLICATIONS

IAEA SAFETY STANDARDS

Under the terms of Article III of its Statute, the IAEA is authorized to establish or adopt standards of safety for protection of health and minimization of danger to life and property, and to provide for the application of these standards.

The publications by means of which the IAEA establishes standards are issued in the IAEA Safety Standards Series. This series covers nuclear safety, radiation safety, transport safety and waste safety. The publication categories in the series are Safety Fundamentals, Safety Requirements and Safety Guides.

Information on the IAEA’s safety standards programme is available on the IAEA Internet site

http://www-ns.iaea.org/standards/

The site provides the texts in English of published and draft safety standards. The texts of safety standards issued in Arabic, Chinese, French, Russian and Spanish, the IAEA Safety Glossary and a status report for safety standards under development are also available. For further information, please contact the IAEA at: Vienna International Centre, PO Box 100, 1400 Vienna, Austria.

All users of IAEA safety standards are invited to inform the IAEA of experience in their use (e.g. as a basis for national regulations, for safety reviews and for training courses) for the purpose of ensuring that they continue to meet users’ needs. Information may be provided via the IAEA Internet site or by post, as above, or by email to Official.Mail@iaea.org.

RELATED PUBLICATIONS

The IAEA provides for the application of the standards and, under the terms of Articles III and VIII.C of its Statute, makes available and fosters the exchange of information relating to peaceful nuclear activities and serves as an intermediary among its Member States for this purpose.

Reports on safety in nuclear activities are issued as Safety Reports, which provide practical examples and detailed methods that can be used in support of the safety standards.

Other safety related IAEA publications are issued as Emergency Preparedness and Response publications, Radiological Assessment Reports, the International Nuclear Safety Group’s INSAG Reports, Technical Reports and TECDOCs. The IAEA also issues reports on radiological accidents, training manuals and practical manuals, and other special safety related publications.

Security related publications are issued in the IAEA Nuclear Security Series.The IAEA Nuclear Energy Series comprises informational publications to encourage

and assist research on, and the development and practical application of, nuclear energy for peaceful purposes. It includes reports and guides on the status of and advances in technology, and on experience, good practices and practical examples in the areas of nuclear power, the nuclear fuel cycle, radioactive waste management and decommissioning.

ORGANIZATION, MANAGEMENT AND STAFFING OF THE

REGULATORY BODY FOR SAFETY

AFGHANISTANALBANIAALGERIAANGOLAANTIGUA AND BARBUDAARGENTINAARMENIAAUSTRALIAAUSTRIAAZERBAIJANBAHAMASBAHRAINBANGLADESHBARBADOSBELARUSBELGIUMBELIZEBENINBOLIVIA, PLURINATIONAL

STATE OFBOSNIA AND HERZEGOVINABOTSWANABRAZILBRUNEI DARUSSALAMBULGARIABURKINA FASOBURUNDICAMBODIACAMEROONCANADACENTRAL AFRICAN

REPUBLICCHADCHILECHINACOLOMBIACONGOCOSTA RICACÔTE D’IVOIRECROATIACUBACYPRUSCZECH REPUBLICDEMOCRATIC REPUBLIC

OF THE CONGODENMARKDJIBOUTIDOMINICADOMINICAN REPUBLICECUADOREGYPTEL SALVADORERITREAESTONIAESWATINIETHIOPIAFIJIFINLANDFRANCEGABONGEORGIA

GERMANYGHANAGREECEGRENADAGUATEMALAGUYANAHAITIHOLY SEEHONDURASHUNGARYICELANDINDIAINDONESIAIRAN, ISLAMIC REPUBLIC OF IRAQIRELANDISRAELITALYJAMAICAJAPANJORDANKAZAKHSTANKENYAKOREA, REPUBLIC OFKUWAITKYRGYZSTANLAO PEOPLE’S DEMOCRATIC

REPUBLICLATVIALEBANONLESOTHOLIBERIALIBYALIECHTENSTEINLITHUANIALUXEMBOURGMADAGASCARMALAWIMALAYSIAMALIMALTAMARSHALL ISLANDSMAURITANIAMAURITIUSMEXICOMONACOMONGOLIAMONTENEGROMOROCCOMOZAMBIQUEMYANMARNAMIBIANEPALNETHERLANDSNEW ZEALANDNICARAGUANIGERNIGERIANORWAYOMANPAKISTAN

PALAUPANAMAPAPUA NEW GUINEAPARAGUAYPERUPHILIPPINESPOLANDPORTUGALQATARREPUBLIC OF MOLDOVAROMANIARUSSIAN FEDERATIONRWANDASAINT VINCENT AND

THE GRENADINESSAN MARINOSAUDI ARABIASENEGALSERBIASEYCHELLESSIERRA LEONESINGAPORESLOVAKIASLOVENIASOUTH AFRICASPAINSRI LANKASUDANSWEDENSWITZERLANDSYRIAN ARAB REPUBLICTAJIKISTANTHAILANDTHE FORMER YUGOSLAV

REPUBLIC OF MACEDONIATOGOTRINIDAD AND TOBAGOTUNISIATURKEYTURKMENISTANUGANDAUKRAINEUNITED ARAB EMIRATESUNITED KINGDOM OF

GREAT BRITAIN AND NORTHERN IRELAND

UNITED REPUBLICOF TANZANIA

UNITED STATES OF AMERICAURUGUAYUZBEKISTANVANUATUVENEZUELA, BOLIVARIAN

REPUBLIC OF VIET NAMYEMENZAMBIAZIMBABWE

The following States are Members of the International Atomic Energy Agency:

The Agency’s Statute was approved on 23 October 1956 by the Conference on the Statute of the IAEA held at United Nations Headquarters, New York; it entered into force on 29 July 1957. The Headquarters of the Agency are situated in Vienna. Its principal objective is “to accelerate and enlarge the contribution of atomic energy to peace, health and prosperity throughout the world’’.

IAEA SAFETY STANDARDS SERIES No. GSG-12

ORGANIZATION, MANAGEMENT AND STAFFING OF THE

REGULATORY BODY FOR SAFETYGENERAL SAFETY GUIDE

INTERNATIONAL ATOMIC ENERGY AGENCYVIENNA, 2018

COPYRIGHT NOTICE

All IAEA scientific and technical publications are protected by the terms of the Universal Copyright Convention as adopted in 1952 (Berne) and as revised in 1972 (Paris). The copyright has since been extended by the World Intellectual Property Organization (Geneva) to include electronic and virtual intellectual property. Permission to use whole or parts of texts contained in IAEA publications in printed or electronic form must be obtained and is usually subject to royalty agreements. Proposals for non-commercial reproductions and translations are welcomed and considered on a case-by-case basis. Enquiries should be addressed to the IAEA Publishing Section at:

Marketing and Sales Unit, Publishing SectionInternational Atomic Energy AgencyVienna International CentrePO Box 1001400 Vienna, Austriafax: +43 1 26007 22529tel.: +43 1 2600 22417email: sales.publications@iaea.org http://www.iaea.org/books

© IAEA, 2018

Printed by the IAEA in AustriaSeptember 2018STI/PUB/1801

IAEA Library Cataloguing in Publication Data

Names: International Atomic Energy Agency.Title: Organization, management and staffing of the regulatory body for safety /

International Atomic Energy Agency.Description: Vienna : International Atomic Energy Agency, 2018. | Series: IAEA

safety standards series, ISSN 1020–525X ; no. GSG-12 | Includes bibliographical references.

Identifiers: IAEAL 18-01176 | ISBN 978–92–0–100218–1 (paperback : alk. paper) Subjects: LCSH: Independent regulatory commissions. | Administrative agencies —

Management. | Nuclear facilities.Classification: UDC 621.039.58:3.075.6 | STI/PUB/1801

FOREWORD

by Yukiya Amano Director General

The IAEA’s Statute authorizes the Agency to “establish or adopt… standards of safety for protection of health and minimization of danger to life and property” — standards that the IAEA must use in its own operations, and which States can apply by means of their regulatory provisions for nuclear and radiation safety. The IAEA does this in consultation with the competent organs of the United Nations and with the specialized agencies concerned. A comprehensive set of high quality standards under regular review is a key element of a stable and sustainable global safety regime, as is the IAEA’s assistance in their application.

The IAEA commenced its safety standards programme in 1958. The emphasis placed on quality, fitness for purpose and continuous improvement has led to the widespread use of the IAEA standards throughout the world. The Safety Standards Series now includes unified Fundamental Safety Principles, which represent an international consensus on what must constitute a high level of protection and safety. With the strong support of the Commission on Safety Standards, the IAEA is working to promote the global acceptance and use of its standards.

Standards are only effective if they are properly applied in practice. The IAEA’s safety services encompass design, siting and engineering safety, operational safety, radiation safety, safe transport of radioactive material and safe management of radioactive waste, as well as governmental organization, regulatory matters and safety culture in organizations. These safety services assist Member States in the application of the standards and enable valuable experience and insights to be shared.

Regulating safety is a national responsibility, and many States have decided to adopt the IAEA’s standards for use in their national regulations. For parties to the various international safety conventions, IAEA standards provide a consistent, reliable means of ensuring the effective fulfilment of obligations under the conventions. The standards are also applied by regulatory bodies and operators around the world to enhance safety in nuclear power generation and in nuclear applications in medicine, industry, agriculture and research.

Safety is not an end in itself but a prerequisite for the purpose of the protection of people in all States and of the environment — now and in the future. The risks associated with ionizing radiation must be assessed and controlled without unduly limiting the contribution of nuclear energy to equitable and sustainable development. Governments, regulatory bodies and operators everywhere must ensure that nuclear material and radiation sources are used beneficially, safely and ethically. The IAEA safety standards are designed to facilitate this, and I encourage all Member States to make use of them.

THE IAEA SAFETY STANDARDS

BACKGROUND

Radioactivity is a natural phenomenon and natural sources of radiation are features of the environment. Radiation and radioactive substances have many beneficial applications, ranging from power generation to uses in medicine, industry and agriculture. The radiation risks to workers and the public and to the environment that may arise from these applications have to be assessed and, if necessary, controlled.

Activities such as the medical uses of radiation, the operation of nuclear installations, the production, transport and use of radioactive material, and the management of radioactive waste must therefore be subject to standards of safety.

Regulating safety is a national responsibility. However, radiation risks may transcend national borders, and international cooperation serves to promote and enhance safety globally by exchanging experience and by improving capabilities to control hazards, to prevent accidents, to respond to emergencies and to mitigate any harmful consequences.

States have an obligation of diligence and duty of care, and are expected to fulfil their national and international undertakings and obligations.

International safety standards provide support for States in meeting their obligations under general principles of international law, such as those relating to environmental protection. International safety standards also promote and assure confidence in safety and facilitate international commerce and trade.

A global nuclear safety regime is in place and is being continuously improved. IAEA safety standards, which support the implementation of binding international instruments and national safety infrastructures, are a cornerstone of this global regime. The IAEA safety standards constitute a useful tool for contracting parties to assess their performance under these international conventions.

THE IAEA SAFETY STANDARDS

The status of the IAEA safety standards derives from the IAEA’s Statute, which authorizes the IAEA to establish or adopt, in consultation and, where appropriate, in collaboration with the competent organs of the United Nations and with the specialized agencies concerned, standards of safety for protection of health and minimization of danger to life and property, and to provide for their application.

With a view to ensuring the protection of people and the environment from harmful effects of ionizing radiation, the IAEA safety standards establish fundamental safety principles, requirements and measures to control the radiation exposure of people and the release of radioactive material to the environment, to restrict the likelihood of events that might lead to a loss of control over a nuclear reactor core, nuclear chain reaction, radioactive source or any other source of radiation, and to mitigate the consequences of such events if they were to occur. The standards apply to facilities and activities that give rise to radiation risks, including nuclear installations, the use of radiation and radioactive sources, the transport of radioactive material and the management of radioactive waste.

Safety measures and security measures1 have in common the aim of protecting human life and health and the environment. Safety measures and security measures must be designed and implemented in an integrated manner so that security measures do not compromise safety and safety measures do not compromise security.

The IAEA safety standards reflect an international consensus on what constitutes a high level of safety for protecting people and the environment from harmful effects of ionizing radiation. They are issued in the IAEA Safety Standards Series, which has three categories (see Fig. 1).

Safety FundamentalsSafety Fundamentals present the fundamental safety objective and principles

of protection and safety, and provide the basis for the safety requirements.

Safety RequirementsAn integrated and consistent set of Safety Requirements establishes

the requirements that must be met to ensure the protection of people and the environment, both now and in the future. The requirements are governed by the objective and principles of the Safety Fundamentals. If the requirements are not met, measures must be taken to reach or restore the required level of safety. The format and style of the requirements facilitate their use for the establishment, in a harmonized manner, of a national regulatory framework. Requirements, including numbered ‘overarching’ requirements, are expressed as ‘shall’ statements. Many requirements are not addressed to a specific party, the implication being that the appropriate parties are responsible for fulfilling them.

1 See also publications issued in the IAEA Nuclear Security Series.

Safety GuidesSafety Guides provide recommendations and guidance on how to comply

with the safety requirements, indicating an international consensus that it is necessary to take the measures recommended (or equivalent alternative measures). The Safety Guides present international good practices, and increasingly they reflect best practices, to help users striving to achieve high levels of safety. The recommendations provided in Safety Guides are expressed as ‘should’ statements.

APPLICATION OF THE IAEA SAFETY STANDARDS

The principal users of safety standards in IAEA Member States are regulatory bodies and other relevant national authorities. The IAEA safety standards are also used by co-sponsoring organizations and by many organizations that design, construct and operate nuclear facilities, as well as organizations involved in the use of radiation and radioactive sources.

Part 1. Governmental, Legal andRegulatory Framework for Safety

Part 2. Leadership and Managementfor Safety

Part 3. Radiation Protection and Safety of Radiation Sources

Part 4. Safety Assessment forFacilities and Activities

Part 5. Predisposal Managementof Radioactive Waste

Part 6. Decommissioning andTermination of Activities

Part 7. Emergency Preparednessand Response

1. Site Evaluation forNuclear Installations

2. Safety of Nuclear Power Plants

2/1 Design2/2 Commissioning and Operation

3. Safety of Research Reactors

4. Safety of Nuclear FuelCycle Facilities

5. Safety of Radioactive WasteDisposal Facilities

6. Safe Transport ofRadioactive Material

General Safety Requirements Specific Safety Requirements

Safety FundamentalsFundamental Safety Principles

Collection of Safety Guides

FIG. 1. The long term structure of the IAEA Safety Standards Series.

The IAEA safety standards are applicable, as relevant, throughout the entire lifetime of all facilities and activities — existing and new — utilized for peaceful purposes and to protective actions to reduce existing radiation risks. They can be used by States as a reference for their national regulations in respect of facilities and activities.

The IAEA’s Statute makes the safety standards binding on the IAEA in relation to its own operations and also on States in relation to IAEA assisted operations.

The IAEA safety standards also form the basis for the IAEA’s safety review services, and they are used by the IAEA in support of competence building, including the development of educational curricula and training courses.

International conventions contain requirements similar to those in the IAEA safety standards and make them binding on contracting parties. The IAEA safety standards, supplemented by international conventions, industry standards and detailed national requirements, establish a consistent basis for protecting people and the environment. There will also be some special aspects of safety that need to be assessed at the national level. For example, many of the IAEA safety standards, in particular those addressing aspects of safety in planning or design, are intended to apply primarily to new facilities and activities. The requirements established in the IAEA safety standards might not be fully met at some existing facilities that were built to earlier standards. The way in which IAEA safety standards are to be applied to such facilities is a decision for individual States.

The scientific considerations underlying the IAEA safety standards provide an objective basis for decisions concerning safety; however, decision makers must also make informed judgements and must determine how best to balance the benefits of an action or an activity against the associated radiation risks and any other detrimental impacts to which it gives rise.

DEVELOPMENT PROCESS FOR THE IAEA SAFETY STANDARDS

The preparation and review of the safety standards involves the IAEA Secretariat and five safety standards committees, for emergency preparedness and response (EPReSC) (as of 2016), nuclear safety (NUSSC), radiation safety (RASSC), the safety of radioactive waste (WASSC) and the safe transport of radioactive material (TRANSSC), and a Commission on Safety Standards (CSS) which oversees the IAEA safety standards programme (see Fig. 2).

All IAEA Member States may nominate experts for the safety standards committees and may provide comments on draft standards. The membership of

the Commission on Safety Standards is appointed by the Director General and includes senior governmental officials having responsibility for establishing national standards.

A management system has been established for the processes of planning, developing, reviewing, revising and establishing the IAEA safety standards. It articulates the mandate of the IAEA, the vision for the future application of the safety standards, policies and strategies, and corresponding functions and responsibilities.

INTERACTION WITH OTHER INTERNATIONAL ORGANIZATIONS

The findings of the United Nations Scientific Committee on the Effects of Atomic Radiation (UNSCEAR) and the recommendations of international

Secretariat and

consultants:

drafting of new or revision

of existing safety standard

Draft

Endorsement

by the CSS

Final draft

Review by

safety standards

committee(s)Member States

Comments

Draft

Outline and work plan

prepared by the Secretariat;

review by the safety standards

committees and the CSS

FIG. 2. The process for developing a new safety standard or revising an existing standard.

expert bodies, notably the International Commission on Radiological Protection (ICRP), are taken into account in developing the IAEA safety standards. Some safety standards are developed in cooperation with other bodies in the United Nations system or other specialized agencies, including the Food and Agriculture Organization of the United Nations, the United Nations Environment Programme, the International Labour Organization, the OECD Nuclear Energy Agency, the Pan American Health Organization and the World Health Organization.

INTERPRETATION OF THE TEXT

Safety related terms are to be understood as defined in the IAEA Safety Glossary (see http://www-ns.iaea.org/standards/safety-glossary.htm). Otherwise, words are used with the spellings and meanings assigned to them in the latest edition of The Concise Oxford Dictionary. For Safety Guides, the English version of the text is the authoritative version.

The background and context of each standard in the IAEA Safety Standards Series and its objective, scope and structure are explained in Section 1, Introduction, of each publication.

Material for which there is no appropriate place in the body text (e.g. material that is subsidiary to or separate from the body text, is included in support of statements in the body text, or describes methods of calculation, procedures or limits and conditions) may be presented in appendices or annexes.

An appendix, if included, is considered to form an integral part of the safety standard. Material in an appendix has the same status as the body text, and the IAEA assumes authorship of it. Annexes and footnotes to the main text, if included, are used to provide practical examples or additional information or explanation. Annexes and footnotes are not integral parts of the main text. Annex material published by the IAEA is not necessarily issued under its authorship; material under other authorship may be presented in annexes to the safety standards. Extraneous material presented in annexes is excerpted and adapted as necessary to be generally useful.

CONTENTS

1. INTRODUCTION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Background (1.1–1.8) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Objective (1.9–1.11) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Scope (1.12–1.15). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4Structure (1.16). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

2. GENERAL CHARACTERISTICS OF A REGULATORY BODY . . . 5

General (2.1–2.2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Independence (2.3–2.19) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6Commitment to safety (2.20–2.21). . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Acting in the public interest (2.22–2.24) . . . . . . . . . . . . . . . . . . . . . . . 10Openness, transparency and consistency (2.25–2.27) . . . . . . . . . . . . . 11Commitment to continuous improvement (2.28–2.29) . . . . . . . . . . . . 12

3. MANAGEMENT FOR SAFETY. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Leadership for safety (3.1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Safety culture (3.2–3.9) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Responsibility and accountability of the regulatory body (3.10–3.12) 15Provision of resources (3.13–3.22). . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Interactions with interested parties (3.23–3.26) . . . . . . . . . . . . . . . . . . 18

4. FUNCTIONS AND ORGANIZATION . . . . . . . . . . . . . . . . . . . . . . . . 19

Introduction (4.1–4.4). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Core regulatory functions (4.5–4.24) . . . . . . . . . . . . . . . . . . . . . . . . . . 20Supporting functions (4.25–4.54). . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Organization (4.55–4.61) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Roles and responsibilities of the management (4.62–4.71) . . . . . . . . . 33

5. INTEGRATED MANAGEMENT SYSTEM. . . . . . . . . . . . . . . . . . . . 35

General (5.1–5.9) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35Responsibility and resources for the integrated management

system (5.10–5.18) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37Development phase of an integrated management system (5.19–5.27) 39

Implementation phase of an integrated management system (5.28–5.31) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Maintenance phase of the integrated management system (5.32–5.33) 42Measurement, assessment and continuous improvement (5.34–5.62) 42Documentation of the integrated management system (5.63–5.70) . . . 49

6. STAFFING AND COMPETENCE OF STAFF . . . . . . . . . . . . . . . . . . 51

General (6.1–6.6) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51Staffing (6.7–6.12) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52Competence management (6.13–6.60) . . . . . . . . . . . . . . . . . . . . . . . . . 53Methods for acquiring competence (6.61–6.86). . . . . . . . . . . . . . . . . . 63

APPENDIX I: EXTERNAL EXPERT SUPPORT . . . . . . . . . . . . . . . . . . . 69

APPENDIX II: GENERIC PROCESSES OF THE INTEGRATED MANAGEMENT SYSTEM. . . . . . . . . . . . . . . . . . . . . . . . 78

APPENDIX III: ELEMENTS OF A TRAINING PROGRAMME FOR THE REGULATORY BODY. . . . . . . . . . . . . . . . . . . 84

APPENDIX IV: STRUCTURE OF INFORMATION IN THE INTEGRATED MANAGEMENT SYSTEM . . . . . . . . . . . 87

REFERENCES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

ANNEX: PROCESS DESCRIPTIONS . . . . . . . . . . . . . . . . . . . . . . . 93

REFERENCES TO THE ANNEX. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

CONTRIBUTORS TO DRAFTING AND REVIEW . . . . . . . . . . . . . . . . . . 123

1

1. INTRODUCTION

BACKGROUND

1.1. Regulation is essential for ensuring the safety of all facilities and activities that give rise to radiation risks. The establishment of a legally based, independent, fully resourced and technically competent regulatory body is a fundamental element set out in Principle 2 of IAEA Safety Standards Series No. SF-1, Fundamental Safety Principles [1]. This principle is reinforced and further elaborated in the Safety Requirements publications IAEA Safety Standards Series Nos GSR Part 1 (Rev. 1), Governmental, Legal and Regulatory Framework for Safety [2] and GSR Part 3, Radiation Protection and Safety of Radiation Sources: International Basic Safety Standards [3].

1.2. This Safety Guide provides guidance on the organizational structure, management and staffing of the regulatory body for ensuring the control of facilities and activities1. Organization and management are of fundamental importance for regulatory bodies to be able to perform their functions effectively. This guidance is particularly important for those regulatory bodies having responsibilities covering a range of facilities and activities that give rise to radiation risks, or when interfaces are present between various regulatory authorities, which require effective coordination and cooperation.

1.3. This Safety Guide has been developed in parallel with IAEA Safety Standards Series No. GSG-13, Functions and Processes of the Regulatory Body for Safety [4], which covers the technical2 aspects of the core functions of the regulatory body and the processes by which they are discharged. It is strongly recommended that this Safety Guide and GSG-13 [4] be read in conjunction with one another.

1 Facilities and activities is a general term encompassing nuclear facilities, all uses of sources of ionizing radiation, all radioactive waste management activities, transport of radioactive material and any other activity or circumstances in which people may be exposed to radiation risks arising from naturally occurring or artificial sources. See footnote 3 of GSR Part 1 (Rev. 1) [2] for a more complete definition.

2 Includes human, technical and organizational aspects.

2

1.4. The core functions of the regulatory body are described in GSR Part 1 (Rev. 1) [2] and IAEA Safety Standards Series No. GSR Part 7, Preparedness and Response for a Nuclear or Radiological Emergency [5], and include:

— The development and/or provision of regulations and guides; — Notification and authorization, including registration and licensing; — Regulatory review and assessment; — Regulatory inspection; — Enforcement; — Emergency preparedness and response; — Communication and consultation with interested parties.

1.5. Corresponding supporting functions are necessary to ensure that the core functions can be performed efficiently and effectively. These include the following:

— Administrative support, including human resources, finance, management of documents and records, and equipment purchasing and control;

— Legal assistance; — Research and development processes; — Arrangements for contracting external expert support, where needed; — Establishment of advisory committees; — International cooperation.

1.6. The recommendations provided in this Safety Guide and GSG-13 [4] are intended mainly to be used by regulatory bodies, but can be also useful for governments that are developing a regulatory framework for radiation and nuclear safety. They will also assist authorized parties, and others dealing with radiation sources, in understanding the organizational and functional aspects of regulatory control for all facilities and activities that give rise to radiation risks.

1.7. This Safety Guide can be used by States embarking on a new nuclear power programme and by States significantly extending an existing nuclear power programme, already having in place a regulatory system for other facilities or activities. States that are significantly extending an existing nuclear power programme should follow the guidance in this Safety Guide as though they were establishing a new regulatory body. Detailed guidance is provided in IAEA Safety Standards Series No. SSG-16, Establishing the Safety Infrastructure for a Nuclear Power Programme [6].

3

1.8. This Safety Guide supersedes IAEA Safety Standards Series No. GS-G-1.1, Organization and Staffing of the Regulatory Body for Nuclear Facilities3 issued in 2002, the parts of IAEA Safety Standards Series No. GS-G-1.5, Regulatory Control of Radiation Sources4, issued in 2004, relating to the organization and staffing of the regulatory body, and IAEA Safety Standards Series No. GSG-4, Use of External Experts by the Regulatory Body5, issued in 2013.

OBJECTIVE

1.9. The objective of this Safety Guide is to provide recommendations on meeting the requirements of GSR Part 1 (Rev. 1) [2] in respect of the organizational structure, management and staffing of the regulatory body to support regulatory bodies in carrying out their responsibilities and functions efficiently and effectively and in an independent manner.

1.10. This Safety Guide also provides guidance on how an integrated management system should be established and implemented in order to have in place both the core processes that help the regulatory body to perform its core functions, and the management and support processes that are necessary to run the regulatory body.

1.11. This Safety Guide is intended for use by all regulatory bodies, irrespective of the size and type of the facilities and activities they regulate. In applying this Safety Guide, the regulatory body should use a graded approach commensurate with the risks associated with the facilities and activities, and with account taken of national circumstances, so as to be able to apply resources in an efficient manner.

3 INTERNATIONAL ATOMIC ENERGY AGENCY, Organization and Staffing of the Regulatory Body for Nuclear Facilities, IAEA Safety Standards Series No. GS-G-1.1, IAEA, Vienna (2002).

4 FOOD AND AGRICULTURE ORGANIZATION OF THE UNITED NATIONS, INTERNATIONAL ATOMIC ENERGY AGENCY, INTERNATIONAL LABOUR OFFICE, PAN AMERICAN HEALTH ORGANIZATION, WORLD HEALTH ORGANIZATION, Regulatory Control of Radiation Sources, IAEA Safety Standards Series No. GS-G-1.5, IAEA, Vienna (2004).

5 INTERNATIONAL ATOMIC ENERGY AGENCY, Use of External Experts by the Regulatory Body, IAEA Safety Standards Series No. GSG-4, IAEA, Vienna (2013).

4

SCOPE

1.12. This Safety Guide covers the organizational and management aspects of the regulatory body that are necessary for it to perform its core functions. In particular, this Safety Guide covers not only the technical aspects of the organizational structure, management and staffing of the regulatory body, but also the cultural, organizational and individual aspects (human and organizational factors) supporting strong regulatory effectiveness.

1.13. The term ‘authorized party’ is used in this Safety Guide to indicate the person or organization responsible for an authorized facility or an authorized activity that gives rise to radiation risks who has been granted written permission (i.e. authorized) by a regulatory body or other governmental body to conduct specified activities; the authorized party may be a licensee, a registrant, an operator or an operating organization.

1.14. ‘Interested parties’, sometimes known as stakeholders or concerned parties, are those individuals or organizations with a concern or interest in the activities and performance of an organization, in particular the regulatory body or the authorized party. Interested parties include: the general public, such as people living in the vicinity of facilities; elected officials and governmental authorities at the national, regional and local levels; national and local non-governmental organizations; regulated industry and its employees; trade unions; suppliers; professional and academic organizations; news media; and other States, especially neighbouring States. The term ‘safety’ is used in this Safety Guide to mean the protection of people and the environment against radiation risks, and the safety of facilities and activities that give rise to radiation risks. Safety as used here includes the safety of nuclear installations, radiation safety, the safety of radioactive waste management and safety in the transport of radioactive material; it does not include non-radiation-related aspects of safety. Further definitions are provided in the IAEA Safety Glossary [7].

1.15. The scope of this Safety Guide is limited to the regulation of safety and does not extend to nuclear security. However, recommendations are provided in this Safety Guide on the interface between nuclear security and safety, especially for protection of information. Guidance on addressing nuclear security aspects can be found in IAEA Nuclear Security Series No. 13, Nuclear Security Recommendations on Physical Protection of Nuclear Material and Nuclear Facilities (INFCIRC/225/Revision 5) [8]; IAEA Nuclear Security Series No. 14, Nuclear Security Recommendations on Radioactive Material and Associated Facilities [9]; and supporting guidance.

5

STRUCTURE

1.16. Section 2 of this Safety Guide sets out the general characteristics of a regulatory body with responsibility for safety, while Section 3 provides more specific recommendations on management for safety focused on leadership for safety and safety culture aspects. Section 4 describes the organizational aspects required for the implementation of the core regulatory functions and supporting regulatory functions of a regulatory body. Section 5 outlines the characteristics of an integrated management system necessary for an effective and efficient regulatory body, and Section 6 provides recommendations on the necessary staffing and competences that should be in place in order for the regulatory body to effectively perform its functions and to discharge its responsibilities. Appendices I, II, III and IV provide more detailed guidance on: the use of external expert support, generic processes of the integrated management system, the basic elements of a regulatory body training programme, and the structure of information in the integrated management system. The Annex provides examples of generic regulatory process descriptions.

2. GENERAL CHARACTERISTICS OF A REGULATORY BODY

GENERAL

2.1. A set of organizational values can be used by the regulatory body to guide the behaviour of staff, to lay the foundation for an effective and efficient organization and to create a strong safety culture that is in line with the mission of the regulatory body. These values should include the following:

— Independent, impartial, transparent, proportionate, objective and evidence based decision making;

— Individual and collective commitment to safety, based on a scientific and technical approach;

— Acting in the public interest, demonstrating accountable public service and being accountable for decisions;

— Respect, fairness and courtesy in all the activities of the regulatory body; — Openness and transparency in dealing with the public and other interested parties, in order to promote confidence and trust in the judgements and decisions of the regulatory body;

6

— Fostering mutual understanding and respect between the regulatory body and authorized parties through a frank, open and formal relationship;

— Frank, open and honest communications, including when dealing with appeals, problems and complaints both within and outside the regulatory body;

— A supportive environment with respect for personal integrity, expertise and professionalism;

— A commitment to learning and continuous improvement; — A questioning attitude.

2.2. The regulatory body should apply a systemic approach6 so that it can effectively perform its functions [10].

INDEPENDENCE

2.3. The need for independence of the regulatory body is affirmed in the Convention on Nuclear Safety [11], the Joint Convention on the Safety of Spent Fuel Management and on the Safety of Radioactive Waste Management [12], the Code of Conduct on the Safety of Research Reactors [13], the Code of Conduct on the Safety and Security of Radioactive Sources [14] and in SF-1 [1] and GSR Part 1 (Rev. 1) [2] and concerns the separation of the regulatory body from the promoters of nuclear technology. The primary reason for the need for regulatory independence is to ensure that regulatory judgements can be made, and enforcement actions taken, without any unwarranted pressure from interests that may conflict with safety. Furthermore, the credibility of the regulatory body with the general public depends on whether the regulatory body is regarded as being independent from the organizations it regulates, as well as independent from other government agencies or industry groups that promote nuclear technologies.

2.4. It is recognized that a regulatory body functions within the national legal and budgetary framework of the State, and therefore cannot be absolutely independent in all respects of other parts of government. Nevertheless, effective independence of the regulatory body to make decisions in respect of radiation protection of people and the environment, without external pressures or influence, will contribute to its effectiveness and credibility.

6 A systemic approach is an approach relating to a system as a whole, in which the interactions between technical, human and organizational factors are duly considered.

7

2.5. The need for independence of the regulatory body does not imply an adversarial relationship with authorized parties or with any other parties. The following paragraphs provide a more detailed description of a number of aspects of regulatory independence.

Political aspects

2.6. Paragraph 2.8 of GSR Part 1 (Rev. 1) [2] states that:

“To be effectively independent from undue influences on its decision making, the regulatory body: …Shall be free from any pressures associated with political circumstances or economic conditions, or pressures from government departments, authorized parties or other organizations”.

2.7. The regulatory body should, however, be accountable to the government and to the general public with regard to effectively and efficiently fulfilling its mission to protect workers, the public and the environment. Formal mechanisms for ensuring accountability may include: establishing a direct reporting line to the highest levels of government, undertaking regular audits and peer reviews and publishing the results, and communicating with interested parties.

Legislative aspects

2.8. Requirement 3 of GSR Part 1 (Rev. 1) [2] states that:

“The government, through the legal system, shall establish and maintain a regulatory body, and shall confer on it the legal authority and provide it with the competence and the resources necessary to fulfil its statutory obligation for the regulatory control of facilities and activities.”

2.9. The legal framework defining the powers of the regulatory body should include mechanisms to protect the independence of regulatory decision making from undue interference in decisions on safety issues. Such mechanisms may include, for example, procedures for the documentation and dissemination of regulatory decisions and their legal and technical justification.

2.10. Having a single regulatory body for all aspects of safety offers advantages in terms of clear allocation of responsibilities, and ensuring a comprehensive, proportionate and consistent regulatory approach. However, in many cases the regulation of facilities and activities is spread across more than one organization. Where several authorities have regulatory responsibilities for safety, the

8

legislation should establish clear lines of authority and responsibility so as to avoid gaps or overlaps. The various regulatory authorities should formally establish a system of liaison and working arrangements and procedures so as to ensure an appropriate degree of coordination and cooperation.

Financial aspects

2.11. Adequate and stable financing for all regulatory activities is fundamental to independence. The financing mechanism should be clearly defined in the legal framework. The budget for the regulatory body may include the fees levied for regulatory activities, but should not depend on fines or other penalties arising from enforcement actions, nor should it be decided by or be subject to the approval of those parts of the government that are responsible for the development, promotion and operation of nuclear technologies.

2.12. Although the overall budget of the regulatory body may be fixed by the government, the regulatory body should have the authority to distribute financial resources to its various regulatory activities for the greatest effectiveness and efficiency.

2.13. Specific provisions to fund the regulatory body should be established in the national legal framework or through the national fiscal process. How this is best accomplished will depend on a number of considerations, including the following:

— Precedents for the funding of other national regulatory organizations; — The types and scale of regulated facilities and activities, and the associated workload based on the application of a graded approach to the execution of the functions of the regulatory body;

— How the regulatory body is structured, including its use of in-house and outsourced competences.

2.14. An open and transparent system of governance and auditing of the regulatory body’s funding should be put in place. Review and approval of the regulatory body’s budget should be performed only by governmental agencies that are effectively neutral in respect of the development, promotion or operation of facilities and conduct of activities. Such an approach provides additional assurance of the independence of the regulatory body.

9

Competence aspects

2.15. The independence of a regulatory body’s decision making depends greatly on the competence of its staff. The regulatory body should have sufficient internal technical expertise in the areas relevant to its mandate. The management of the regulatory body should therefore have the responsibility and authority to maintain sufficient staff with the necessary skills and technical expertise to carry out the regulatory functions. Such necessary skills and expertise should include:

— Competence in the relevant scientific and technological areas; — Competence with regard to the facilities, organizations and activities of authorized parties;

— Competence in applying the regulatory processes in accordance with their underpinning legal framework, ethical principles and codes of conduct.

The principles and considerations on staffing and competence of staff are addressed in greater detail in Section 6.

2.16. The regulatory body may decide to obtain technical or other expert professional advice or services, as necessary, in support of its regulatory functions, on a temporary or permanent basis. Such advice or services obtained externally should be impartial and free from conflicts of interest and should not relieve the regulatory body of its assigned responsibilities. External expert support may be provided in several ways, as described in further detail in Appendix I.

2.17. As further described in Section 3, the regulatory body should acquire, manage, maintain, develop and preserve knowledge and information for building and maintaining adequate core competences. The objective should be to make informed decisions and to have competence to assess advice provided by advisory bodies, providers of external expert support and information submitted by authorized parties and applicants. Building and maintaining core competences is a distinct process and should be performed within the regulatory body’s integrated management system; this is further addressed in Section 5.

Communication and consultation with interested parties

2.18. The regulatory body should have the authority and the responsibility to establish provisions for communication with interested parties, including the public, about the possible radiation risks associated with facilities and activities, as well as the regulatory decision making processes and regulatory decisions made. Informing and consulting interested parties should be done by means of a

10

transparent, open, consistent and ongoing communication process. This subject is addressed in detail in IAEA Safety Standards Series No. GSG-6, Communication and Consultation with Interested Parties by the Regulatory Body [15].

Audits, peer reviews and international cooperation

2.19. A systematic programme of professional reviews and audits of regulatory performance should be put in place in order to promote independence in decision making by the regulatory body. This should include participation in appropriate international professional cooperation exercises and independent peer reviews, either of a specific regulatory activity or of the regulatory body as a whole.

COMMITMENT TO SAFETY

2.20. The protection of people and the environment from harmful effects of ionizing radiation is the main focus of the regulatory body. The regulatory body’s oversight should consider all aspects of a facility or activity, including its organization and staffing. The regulatory body should take a systemic approach to discharging its responsibilities, with account taken of human, technological and organizational factors and their respective interactions.

2.21. All individuals of the regulatory body should exhibit a strong commitment to safety. This commitment should be achieved by developing and fostering a strong safety culture within the regulatory body, as further described in paras 3.2–3.9.

ACTING IN THE PUBLIC INTEREST

2.22. The prime responsibility for safety rests with the authorized party. Therefore, the regulatory body should not undertake activities that are the responsibility of authorized parties; rather the regulatory body should focus on regulatory functions, as identified in Section 4.

11

2.23. While the responsibility of the regulatory body is defined by legislation, the expectations of the public may vary. In order to maintain its authority and credibility, the regulatory body should establish and maintain arrangements for effective communication and consultation with the public. Examples of such arrangements may be:

— Forums for discussion of public concerns; — Forums for discussions of technical and regulatory aspects of safety; — Means to enable the public to communicate its concerns and questions; — Information channels specifically for public information.

2.24. Any information provided by the public should be carefully analysed and dealt with in a professional and timely manner. The information provided may also be used by the regulatory body when establishing and reviewing its regulations, guides and procedures and practices, where appropriate and when not in contradiction with the mandate of the regulatory body.

OPENNESS, TRANSPARENCY AND CONSISTENCY

2.25. Regulations and guides should be clear and unambiguous, and should be written in a manner that can be clearly understood by authorized parties.

2.26. Effective communication with interested parties will help ensure that the regulatory body takes account of different perspectives when establishing or modifying the regulatory framework.

2.27. The regulatory body should ensure that regulations and requirements are applied in a consistent, predictable, transparent and balanced manner, commensurate with the radiation risks associated with facilities and activities. The regulatory body should establish policies to promote the use of a graded approach, transparency and consistency, and the broad sharing of information and ideas, to help ensure the highest standards of protection and safety, while giving due account to the protection of sensitive information. Transparency and openness towards the general public also enhances confidence and trust in the regulatory body.

12

COMMITMENT TO CONTINUOUS IMPROVEMENT

2.28. Facilities and activities, technologies, and the expected standards of protection and safety, as well as expectations from the public, change over time. The regulatory body’s organization, staff, competences and knowledge, as well as its integrated management system, should be designed to be able to adapt to such changes.

2.29. The regulatory body should encourage its staff to have a questioning attitude regarding its functions and activities, and the activities of authorized parties, and should apply a process of continuous improvement in respect of its performance. This process is covered in paras 5.60–5.62.

3. MANAGEMENT FOR SAFETY

LEADERSHIP FOR SAFETY

3.1. Senior management, managers and leaders at all levels of the regulatory body should demonstrate, by their own behaviour, consistent adherence to the values of the regulatory body. This should typically include the following:

— Promoting a systemic approach to safety that embraces interactions between all human, technological and organizational factors;

— Developing shared values for safety, establishing behavioural expectations so as to shape a strong safety culture, and encouraging acceptance of personal accountability for safety among all individuals;

— Establishing and communicating a clear vision for safety, which is elaborated through a safety policy, strategy, plans and objectives, whereby safety is paramount;

— Ensuring that responsibilities and accountabilities are in line with policies, strategies and objectives, to ensure that safety requirements and safety goals are met and to guide decision making at all levels;

— Effectively communicating the regulatory body’s vision, strategy, plans and objectives;

— Encouraging the involvement of all individuals in the regulatory body in the implementation and continuous improvement of the regulatory body’s vision, strategy, plans and objectives;

13

— Developing and maintaining leadership capabilities at all levels in the regulatory body, including capabilities for competence management, change management and crisis management7;

— Encouraging open communication and seeking feedback on how effective leadership in the regulatory body is in ensuring and improving safety, and taking action, as necessary;

— Supporting and encouraging staff to focus on safety and including them in the regulatory decision making process;

— Demonstrating a commitment to continuous improvement of the integrated management system by actively seeking and assessing information on performance within their area of responsibility, and sharing this information within the regulatory body in an open and transparent manner;

— Fostering and encouraging the involvement of all individuals in the regulatory body in the implementation and continuous improvement of the integrated management system and encouraging a readiness to challenge acts or conditions that are inconsistent with the values of the regulatory body;

— Identifying and removing pressures and conflicts that inhibit the discharge of responsibilities and functions;

— Involvement in the resolution of difficult issues, including differences in professional opinion;

— Creating a working environment that allows staff to feel responsible for their work and develop their competences, for example by assigning them challenging tasks and coaching them adequately in case of difficulties;

— Ensuring timely and effective communication with interested parties.

SAFETY CULTURE

3.2. Requirement 12 of IAEA Safety Standards Series No. GSR Part 2, Leadership and Management for Safety [10] states that:

“Individuals in the organization, from senior managers downwards, shall foster a strong safety culture. The management system and leadership for safety shall be such as to foster and sustain a strong safety culture.”

7 Crisis management here means the ability to manage different types of crisis situation that might have an impact on the regulatory body’s capability to perform its functions.

14

3.3. Expected attitudes and behaviours (including those of any external experts and technical support organizations) that promote a strong safety culture should be defined and communicated throughout the regulatory body.

3.4. A strong safety culture does not grow by itself; it should be fostered and sustained. The behaviour and commitment of leaders to safety influences the attitudes and behaviours of individuals. Therefore, a strong safety culture needs the strong commitment and engagement of senior management, with the support of the integrated management system.

3.5. Everyone in the regulatory body, from senior management down, should contribute to promoting and maintaining a strong safety culture by adopting specific behaviours as routine ways of working.

3.6. A strong safety culture of a regulatory body has the following important attributes:

— Safety is a clearly recognized value. — Leadership for safety is clear. — Accountability for safety is clear. — Safety is integrated into all activities. — Safety is learning driven.

3.7. These attributes should permeate the entire regulatory body and should be reflected in the integrated management system so that individuals demonstrate a questioning attitude, feel responsible and are supported in identifying safety concerns.

3.8. Attitudes and behaviours that support a strong safety culture in the regulatory body include the following:

— Individual and collective commitment to safety; — Acceptance by individuals of personal accountability for their attitudes and conduct with regard to safety;

— An open attitude that encourages trust, collaboration and free communication, and that values the reporting of problems;

— The prompt acknowledgement of and feedback regarding identified problems and suggestions for improvement;

— Continuously seeking to develop and improve safety and the safety culture; — Encouraging a questioning and learning attitude and discouraging complacency at all levels in the regulatory body with regard to safety;

15

— A common understanding of the key aspects of safety and safety culture within the regulatory body;

— An awareness of the potential consequences of regulatory activities, including risks and hazards associated with them;

— Ensuring that all factors that might impact safety are taken into account in the regulatory decision making process and other regulatory activities.

3.9. The regulatory body should establish and maintain a programme to develop, foster and evaluate its safety culture. Such a programme should include safety culture self-assessments, workshops and seminars for defining improvement programmes, as well as training and support.

RESPONSIBILITY AND ACCOUNTABILITY OF THE REGULATORY BODY

3.10. The regulatory body has the responsibility to regulate the safety of facilities and activities. Therefore the regulatory body:

— Should establish or adopt regulations and guides that are sufficient in scope to cover all types of facilities and activities within the scope of its responsibilities;

— Should ensure that those responsible for facilities and activities are made aware of their prime responsibility for safety;

— Should verify and assess safety in compliance with regulatory requirements through an effective system of authorization, review and assessment, inspection and enforcement.

3.11. The regulatory body is accountable for how it discharges its responsibilities and therefore it:

— Should establish policies and standards against which it can be judged by the government and other interested parties in an open and transparent manner;

— Should be able to justify and explain its judgements and decisions; — Should incorporate a formal appeals process into the framework for safety; — Should establish an effective mechanism for interactions with interested parties.

3.12. The State should provide for independent oversight of the regulatory body and its key decisions, depending on the national legal framework. This may

16

be achieved in a number of different ways, for example by appearing before legislative committees, referral of decisions to courts of law and the appointment of an independent auditor. Such arrangements could also provide independent oversight and governance of the appeals process against regulatory decisions and actions. Accountability can also be achieved by establishing a direct reporting line from the regulatory body to the highest levels of government. Peer review systems, at national and international levels, can also provide a useful input into demonstrating accountability. The need for accountability should not compromise the regulatory body’s independence in making decisions relating to safety.

PROVISION OF RESOURCES

3.13. Senior management is required to ensure that the resources8 essential to the fulfilment of the regulatory body’s functions and to the achievement of the regulatory body’s objectives are identified and made available [10].

Financial resources

3.14. In order to be able to act independently, the regulatory body should be allocated sufficient financial resources and should have the authority to decide how these resources are to be used, in accordance with a graded approach.

3.15. The regulatory body should be able either to develop its own budget, or, in cases where this is predetermined (e.g. by national government), to control the distribution of financial resources within its overall budget.

3.16. The funding for the regulatory body should be reviewed periodically. Attention should be paid to future changes in the type and numbers of facilities and activities that need to be regulated. This can include the introduction of new facilities, changes during the lifetime of facilities including closure and decommissioning, and waste disposal. Large changes, for example to a national nuclear power programme, should be expected to have a significant impact on the regulatory resources required. Other factors, such as the expectations of interested parties, should also be considered when reviewing regulatory body funding.

8 Resources include individuals (the number of individuals and their competences), infrastructure, the working environment, knowledge and information, and suppliers, as well as material and financial resources [15].

17

Human resources

3.17. Requirement 18 of GSR Part 1 (Rev. 1) [2] states that:

“The regulatory body shall employ a sufficient number of qualified and competent staff, commensurate with the nature and the number of facilities and activities to be regulated, to perform its functions and to discharge its responsibilities.”

3.18. Adequate staffing will ensure that the regulatory body has the necessary resources, competences and capabilities to reach its own independent decisions on the safety of facilities and activities. As such, attention should be paid to the education, training and continuing development of the staff of the regulatory body in a dedicated human resources process within the integrated management system.

3.19. Where external expert support is used, the regulatory body should still ensure that sufficient internal staff are available, having the capability to determine the need for and extent of external expert support, and also to evaluate the adequacy of any advice or services provided. Responsibilities for fulfilling core regulatory functions should not be delegated. Details on staffing of, and competence management within, the regulatory body are described in Section 6.

Information and knowledge

3.20. Information and knowledge are part of the corporate memory of the regulatory body and should be managed as a key resource that is embedded in the regulatory body’s processes, activities and functions (see Table A-19 in the Annex). Effective management for safety will take into account the knowledge and information resulting from both positive and negative experiences (e.g. good practices and bad practices). Examples of information and knowledge relevant for regulatory bodies include the following:

— The collective experience of the staff of the regulatory body; — Technical expertise; — Lessons learned from regulatory practices, for example, techniques of assessment and inspection;

— Feedback from interested parties; — Feedback of experience from other authorities and national and international bodies;

18

— Operating experience in authorized facilities and activities in the State and in other States.

3.21. Processes should be established, from the early stages of development of the regulatory body’s integrated management system, to acquire, use, maintain, store and retrieve information and knowledge. These processes should be supported by specific tools and techniques, for example:

— Questionnaires, interviews and discussions, and reports (special attention should be paid to the transfer of knowledge when experienced staff leave or retire from the regulatory body);

— Databases, libraries, ‘knowledge portals’ and archives.

Other resources

3.22. There are other types of resources necessary for the regulatory body to perform its functions and to discharge its responsibilities. These may include the following:

— Offices, including furniture, equipment and supplies; — Computer and communications equipment, including software and network systems;

— Arrangements for conventional emergencies; — Personal protective equipment; — Radiation monitoring and dosimetry equipment; — Laboratory facilities; — Record-keeping systems; — Support facilities; — Means of transport.

INTERACTIONS WITH INTERESTED PARTIES

3.23. As part of a policy of openness, transparency and mutual trust, the regulatory body should establish effective working relationships with interested parties. The regulatory body may be subject to legal requirements that prescribe the provision of information to, and consultation with, interested parties (including multilateral and bilateral regulatory interactions), taking into account the need to protect sensitive information.

19

3.24. Regulations and associated guides are the primary means by which the regulatory body communicates its requirements and guidance, modes of work and basis for decisions to interested parties. Therefore, in developing and subsequently reviewing regulations and guides, comments from, and the expectations of, interested parties should be taken into account.

3.25. Interested parties may have differing expectations of the regulatory body, depending on their functions, roles and interests. In order to understand and address these needs and expectations, the regulatory body should establish a process to ensure effective interactions with all interested parties. This should include the following:

— Identifying relevant interested parties and the legal requirements relevant to informing and consulting interested parties;

— Clarifying the needs and expectations of interested parties and ensuring that these are recognized and understood;

— Evaluating these needs and expectations and determining an appropriate and balanced response;

— Deciding on a communication strategy that sets out the methods and frequency of informing, involving and consulting each party, as appropriate, including keeping relevant parties informed of possible radiation risks associated with facilities and activities;

— Communicating the response to relevant parties; — Using feedback to inform regulatory policy, strategies, plans and other decisions;

— Periodically assessing the satisfaction of interested parties to determine whether their needs are being met.

3.26. The regulatory body should consider developing methods for gathering information regarding the effectiveness of its interactions with interested parties.

4. FUNCTIONS AND ORGANIZATION

INTRODUCTION

4.1. To meet its regulatory responsibilities, there are several core functions that a regulatory body should fulfil. These core functions are described in detail in GSG-13 [4] and only a brief description is provided in this section.

20

4.2. In fulfilling its core functions, there are also several supporting functions that should be available within the regulatory body. Supporting functions enable the implementation of the core functions. A regulatory body could not operate satisfactorily without most of the supporting functions. Core functions and supporting functions are described in separate subsections below.

4.3. In addition, management functions are necessary to enable the regulatory body to sustain an efficient and effective organization with sufficient competent staff.

4.4. The core functions, supporting functions and management functions should be organized through associated processes and should be represented in the regulatory body’s integrated management system (see Section 5 and the Annex).

CORE REGULATORY FUNCTIONS

Development of regulations and guides

4.5. Requirement 32 of GSR Part 1 (Rev. 1) [2] states that:

“The regulatory body shall establish or adopt regulations and guides to specify the principles, requirements and associated criteria for safety upon which its regulatory judgements, decisions and actions are based.”

4.6. As part of its integrated management system, the regulatory body should establish a process for the development of regulations and guides. This process should ensure that the regulations and guides:

— Have sufficient and appropriate scope commensurate with the radiation risks associated with the facilities and activities, in accordance with a graded approach;

— Are consistent and clear; — Are kept up to date; — Are developed in consultation with interested parties.

Notification and authorization

4.7. Requirement 23 of GSR Part 1 (Rev. 1) [2] states that:

“Authorization by the regulatory body, including specification of the conditions necessary for safety, shall be a prerequisite for all those

21

facilities and activities that are not either explicitly exempted or approved by means of a notification process.”

4.8. The regulatory body should have the authority to accept and to process notifications and applications for authorization for facilities and activities within the scope of the regulations.

4.9. The objective of notification is to provide initial information to the regulatory body that a person or organization is intending to operate a facility or conduct an activity. The regulatory body should use this information to update the register of sources, facilities and activities, as appropriate, and to decide on the level of regulatory control to be applied.

4.10. The objective of granting authorizations is for the regulatory body to exercise effective regulatory control throughout the lifetime of a facility or duration of an activity in relation to safety. The authorization process should require assurance by the applicant that it can comply with all relevant safety requirements.

Review and assessment of facilities and activities

4.11. Requirement 25 of GSR Part 1 (Rev. 1) [2] states that:

“The regulatory body shall review and assess relevant information — whether submitted by the authorized party or the vendor, compiled by the regulatory body, or obtained from elsewhere — to determine whether facilities and activities comply with regulatory requirements and the conditions specified in the authorization. This review and assessment of information shall be performed prior to authorization and again over the lifetime of the facility or the duration of the activity, as specified in regulations promulgated by the regulatory body or in the authorization.”

4.12. The review and assessment process is a critical appraisal, performed by the regulatory body, of information that is submitted by the authorized party on all aspects of safety, or that comes from inspection, information on events, feedback of operating experience at the national and international levels or other specified reports (e.g. records, comprehensive safety reviews, dose records) to demonstrate the safety of the facility or activity. Review and assessment are undertaken in order to enable the regulatory body to make a decision (or a series of decisions) on the acceptability of the facility or activity in terms of safety.

22

Inspection of facilities and activities

4.13. Requirement 27 of GSR Part 1 (Rev. 1) [2] states that:

“The regulatory body shall carry out inspections of facilities and activities to verify that the authorized party is in compliance with the regulatory requirements and with the conditions specified in the authorization.”

4.14. In addition, inspections should be performed to allow the regulatory body to supplement or to verify information that has been submitted by the authorized party, as well as to form its own opinion on issues relevant to safety.

4.15. Paragraph 4.49 of GSR Part 1 (Rev. 1) [2] states that:

“Regulatory inspection cannot diminish the prime responsibility for safety of the authorized party, and cannot substitute for the control, supervision and verification activities conducted under the responsibility of the authorized party.”

4.16. Paragraph 4.52 of GSR Part 1 (Rev. 1) [2] further states that:

“Regulatory inspections shall cover all areas of responsibility of the regulatory body, and the regulatory body shall have the authority to carry out independent inspections. Provision shall be made for free access by regulatory inspectors to any facility or activity, at any time, within the constraints of ensuring safety at all times and other constraints associated with the potential for harmful consequences. These inspections may include, within reason, unannounced inspections. The manner, extent and frequency of inspections shall be in accordance with a graded approach.”

Enforcement

4.17. Requirement 30 of GSR Part 1 (Rev. 1) [2] states that:

“The regulatory body shall establish and implement an enforcement policy within the legal framework for responding to non-compliance by authorized parties with regulatory requirements or with any conditions specified in the authorization.”

4.18. Regulatory enforcement activities should cover all areas of regulatory responsibility. Enforcement actions should be applied, as necessary, by the

23

regulatory body in the event of deviations from, or non-compliance with, regulatory requirements or with the conditions of the authorization.

4.19. The principal objective of enforcement is to provide a high level of assurance that the authorized party complies with all relevant safety requirements and meets the safety objectives and authorization conditions, and promptly identifies and corrects non-compliances with safety requirements. This applies at all stages of the lifetime of a facility (i.e. siting, design, construction, commissioning, operation and decommissioning or closure) or for the duration of an activity.

4.20. Enforcement actions are intended to correct or improve any aspect of the procedures and practices of the authorized party or of the facility’s systems, structures and components, as necessary, to ensure safety. Enforcement actions may also include civil penalties and other sanctions.

Emergency preparedness and response

4.21. The roles and responsibilities for emergency preparedness and response are required to be allocated among the authorized party, response organizations and the regulatory body. While certain roles and responsibilities in emergency preparedness and response are allocated to the regulatory body (for example, those addressed in paras 4.10–4.15 and 6.30 of GSR Part 7 [5]), the government may assign the regulatory body additional roles and responsibilities in emergency preparedness and response. The precise nature of such additional responsibilities will depend on the specific legal and organizational arrangements in the State concerned. In the following text, therefore, the emergency preparedness and response functions and processes of the regulatory body are identified only in a generic manner.

4.22. The regulatory body should:

— Verify that on-site emergency arrangements are in place; — Verify that coordination with off-site response organizations is in place; — Establish and maintain its internal arrangements for emergency preparedness and response;

— Discharge its assigned responsibilities in emergency response.

GSG-13 [4] provides further details on the regulatory body’s functions and processes in respect of emergency preparedness and response.

24

Communication and consultation with interested parties

4.23. The regulatory body should provide information on its activities to interested parties, including the public, on a regular basis and in the event of abnormal events. Information should be factual and as objective as possible, reflecting the regulatory body’s independence. The regulatory body should be as transparent as possible while respecting any requirements of commercial confidentiality and information security.

4.24. The regulatory body should, in accordance with national legislation, consult with interested parties, including the public, on its policies, regulations, guidance and operations. This requires development of an approach to meeting and discussing with the public and considering issues and concerns of the public regarding safety. Further details on approaches to and means of communication and consultation with interested parties are provided in GSG-6 [15].

SUPPORTING FUNCTIONS

4.25. There are two categories of supporting functions that enable the regulatory body to implement its core functions effectively:

— Administrative functions supporting the routine operations of the regulatory body (e.g. finance, management of documents and records, purchasing and control of equipment);

— Technical functions directly relating to the effective implementation and fulfilment of the core regulatory functions (e.g. legal support, research and development, the functions of advisory committees, external expert support, liaison with other governmental organizations, international cooperation and assistance).

Most of these functions should be represented in processes of the regulatory body’s integrated management system (see Section 5).

Administrative functions

4.26. The regulatory body should have organizational units dedicated to various administrative activities, which may be divided into specific aspects, to support its core activities. The number and the size of the units will depend on the size of the regulatory body. Administrative functions include the following activities:

25

— General administration, such as internal planning, maintenance of buildings and equipment, operation of communication systems and physical security of the premises;

— Management of human resources, which covers recruitment and training, internal communication, arrangements for medical care, security of staff and travel arrangements;

— Financial administration, including procurement, contracting, accounting, salaries and invoicing;

— Management of documentation and records, including the preparation, storage, retrieval, access control, reproduction and distribution of documents including legal instruments (e.g. authorizations or permits);

— Computer and/or data administration, ensuring adequate computing capability for technical use (data handling, analytical computing) as well as general uses of information technology and computer security;

— Knowledge management and library services, including access to specialized publications.

Technical functions

Legal support

4.27. The regulatory body should have access to expert legal advice. The objective of legal support is to provide the regulatory body with legal advice on international obligations, the national legal framework and legislation, and development of rules, regulations and guides for the implementation of the regulatory body’s functions.

4.28. Activities typically requiring professional legal support include the following:

— The development of basic legislation; — The development of regulations and review for compatibility with other relevant laws and regulations;

— Assisting in the development of the internal administrative procedures of the regulatory body;

— Providing legal advice in the authorization process; — Providing legal advice on proposed enforcement actions; — Representing the regulatory body in the event of enforcement activities involving formal legal processes;

— Assisting regulatory body staff in responding to requests for public information.

26

4.29. The experts providing legal support should review and advise the regulatory body regarding:

— How the regulatory body performs its regulatory responsibilities and functions;

— The adequacy of its regulations, implementing guides and procedures; — Authorization by the regulatory body for facilities and activities; — Enforcement actions; — Existing and proposed safety standards, and technical and policy issues relating to the authorization of facilities and activities;

— Other matters deemed relevant by the regulatory body (e.g. contracts, matters involving cooperation with other organizations).

4.30. Since legal support is embedded in many activities of the regulatory body, the regulatory body should establish how to document the results of a legal review, as well as the criteria for the acceptance or rejection of recommendations from experts providing legal support.

Research and development

4.31. Research and development provides supporting information on the safety of the design and operation of facilities or the conduct of activities. Research and development is intended to:

— Confirm existing knowledge on specific technical matters; — Identify any technical safety issues and resolutions; — Improve existing scientific and technical knowledge and safety assessment methods;

— Develop technical and scientific bases to support new regulations and/or procedures of the regulatory body.

4.32. Research and development is an essential supporting function to enable the regulatory body to assess and evaluate the adequacy of the technical basis supporting its regulations and regulatory activities. Having such capabilities will enable the regulatory body to evaluate key issues that impact safety. Organizations that perform research and development should be able to independently evaluate issues and scenarios with potential impact on safety. Regulatory activities should rely, to the extent practicable, on state of the art scientific and technical knowledge obtained from national and international research and development programmes. Research and development programmes in nuclear safety should be

27

organized to maintain and continuously develop the knowledge and competence of regulatory staff.

4.33. The organizational structure of the regulatory body should take into account the need for research and development, either by the establishment of a dedicated research unit or by recruiting staff who can define research and development needs, identify suitable external expert support organizations, initiate, coordinate and monitor the necessary work, and evaluate the results.

4.34. The regulatory body should, where appropriate, request authorized parties to carry out research and development necessary to demonstrate safety, and should assess the adequacy of the research and development methodology used and the results obtained. The regulatory body may consult with an appropriate advisory committee in its evaluation of the research and development programmes of authorized parties.

Advisory committees

4.35. Advisory committees provide the regulatory body with independent expert opinion on the adequacy of regulatory activities. Advisory committees are typically independent bodies (i.e. their members should not include staff from the regulatory body) that give advice and make suggestions to the regulatory body about safety issues.

4.36. Advisory committees can be distinguished from other forms of external expert support as their role is not to deliver technical input, but is intended to advise on overall regulatory approaches and policies.

4.37. Advisory committees should advise the regulatory body on:

— How effectively the regulatory body performs its regulatory responsibilities and functions;

— The adequacy of its regulations and guides, and procedures for such regulations and guides;

— Existing and proposed safety standards, and technical and policy issues relating to the authorization of facilities and activities;

— Other matters referred to the committee by the regulatory body.

4.38. The regulatory body may choose to give a formal structure to the processes by which expert opinion and advice are sought and provided. An effective advisory committee can provide a valuable service to the regulatory body by

28

helping to ensure that policies and regulations are clear, practical and complete, and provide a good balance between the interests of authorized parties and the needs of the regulatory body and other interested parties.

4.39. Advisory committees should report to the highest level of authority within the regulatory body. An advisory committee may consist of representatives from government departments, other national regulatory bodies, regulatory bodies of other States, scientific organizations, senior technical experts, academia, non-government organizations and authorized parties. Any advisory committee member who might have a conflict of interest on any subject under discussion should be disqualified from that discussion. Membership of an advisory committee should represent a balance of interests across various interested parties. The terms of reference of advisory committees should be clearly defined by the regulatory body, and should specify the role and responsibility of the advisory committee, its constitution and the selection criteria for its membership. Advisory committees should solicit, where appropriate, views from the public, industry, regional and local governments, and other interested parties on regulatory matters.

External expert support

4.40. The regulatory body should have, as a minimum, adequate competence in every core function and supporting function so that it has the ability both to formulate and to manage its requests for technical advice and to understand, evaluate and implement the advice received (see para 3.19 and Section 6).

4.41. If the regulatory body decides to establish a dedicated technical support organization, the regulatory body should set clear limits on the degree of control and direction over the work of the technical support organization. This will ensure that the technical support organization has sufficient flexibility to pursue investigations to the point where it can give definitive and independent advice.

4.42. The regulatory body should establish requirements for the integrated management system to be used by the technical support organization. In some cases, the existing integrated management system of the technical support organization may be adequate, while in other cases the regulatory body should specify the requirements for the integrated management system in its contract with the technical support organization. In the case of individual experts, they should work in accordance with the regulatory body’s integrated management system.

29

4.43. The regulatory body should establish and maintain a list of qualified external experts, as well as arrangements for engaging their services when necessary. Further recommendations on external expert support can be found in Appendix I.

Liaison with other governmental organizations

4.44. The regulatory body should interact with oth